Posted
by
ScuttleMonkey
on Monday October 13, 2008 @12:57PM
from the better-late-than-buggy dept.

A. B. VerHausen writes to tell us that over 200 release-critical bugs continue to push back Debian Lenny's release date. Originally slated for a September release, there is still a long road to be traveled before Lenny sees the light of day. Project leader Steve McIntyre says they may consider dropping some packages for the release if they continue to cause problems, and while an end of October release is the goal, only time will tell.

Queue Orson Welles' deep voice stating "We will ship no Linux before it's time". Seriously, I always thought this was one of the major advantages contributing to Linux quality: not having to meet arbitrary release deadlines imposed by marketing and sales. Unlike one of Debian's Operating System competitors that will go unmentioned except to say that they're based in Redmond where the Vista is always cloudy. This isn't news because it is exactly what I would expect Open Source developers to do.

I just have one stupid question: when will Debian run out of Toy Story Characters [wikipedia.org] to name releases after? (Methinks the Hand-in-the-box [wikipedia.org] release will not be well received...)

Well, a few years ago the running joke was whether Debian would run out of Toy Story characters before the heat death of the universe. They've shortened the release cycle since then, which doesn't seem to be working for them.

The shortened release cycle seems to be working pretty well. Afaict thier current strategy is to aim for 18 months and be happy with 24. They achieved that with etch and it seems likely they will achieve it with lenny.

Last time I looked, it was here [turmzimmer.net], but as that page says this is an unofficial list.
Methinks some of the bugs look bad, but at least you can *see* what's happening "in the kitchen" with Debian.

This is good news. There are many distributions that just take the latest and greatest of every package without doing proper quality control (Ubuntu, Gentoo, Fedora, etc). The price they pay is regressions and stuff that doesn't work. There needs to be distros like Debian which, while always delayed, has all the important bugs ironed out.

Obviously you have never worked in software QA. There are always bugs that make it into released project. The art of good project management is deciding which bugs can be allowed into the final project (ie which will actually impact users).

Depends on the version of Linux and what software you use with it. There are a mind-boggling number of different versions of the kernel out there, in various distributions, and sometimes in custom-made operating systems...and then we aren't even getting to the applications, yet. Among all those, I am sure you will find everything from rock-solid to "crashes at the drop of a hat, or even without that".

As on most other platforms, the apps vary. Because we're talking open source here, unstable test versions are usually available, and often the bleeding-edge stuff the developers are still editing is available, too. Different distributions choose what to ship, depending on what their target audience is.

Also, regardless of the stability of individual components, there are often issues that arise from the interactions between the components. That's actually where Linux distros are a huge win over other OSs: the developers test, patch, and integrate a huge swathe of free software alongside the core OS, in a way that commercial OSs don't (they may do the testing bit, but that's all.)

Ubuntu, AIUI, made a deliberate decision to be slightly less anal about rock solid stability and nailing every last bug, in order to be able to ship more up-to-date versions of the applications that most people use day to day. Crashes are undesirable, but having features missing that you want to use is also undesirable. And having said that, Ubuntu is usually pretty bomb-proof too.

"Linux" is a complex ecosystem, but it offers choice, and switching between different flavours once you've found your personal "sweet spot" is still much less painful than migrating between other OSs.

Sure, based on Debian Sid - a little ways back on the scale of stability vs current versions. So while, yes, Ubuntu is based on Debian, its choice of where to branch off cuts out some of Debian's QA process. How you feel about the advantages and disadvantages of that choice is of course a matter of taste.

Debian does have bugs when released. As another poster have mentioned, you missed the "important" qualifier word. Many software are released with bugs that practically make it unusable for its stated purpose, but this is rather rare* in Debian.

* Note: "rare" does not mean "non-existent". I have encountered non-trivial showstoppers but with much less frequency than other distributions.

Ubuntu is not "like" Debian with respect to its bug tolerance. It has a fixed release schedul

For production quality operating systems there is *nothing* better than release when ready. Given the sheer number of packages and diversity of platforms, all the Debian volunteers do a great job.

It remains the corner-case user who needs the latest and greatest release of any given package.

As an fyi, I've been running Lenny for at least 6 months as a clean-install desktop with no issues. Upgrading from stable to Lenny had issues for me. I've got two servers running Lenny without show-stopper bugs right now.

Lenny's got a really nice KDE4 in an unofficial repo at deb http://kde4.debian.net/ [debian.net] . I encourage users to check it out. Don't enter bugs against these packages in Debian though.

Exactly. And if you're too impatient to wait for them to get all the bugs out, that's what Sid is for. I've been using debian unstable since it was lenny, and it's always been very good. It's very rare that there's actually a bug in a package I use, so it's plenty stable for my purposes.

It is much more correct to say it the way you just did - "using unstable since 3.1 was current." The reason is that there is never an instant in time when the current snapshot of unstable will become a release. Individual packages (or versions of them) migrate from unstable into testing, and at some point testing is frozen for release and then becomes stable so that it can be unfrozen for new packages to come in from unstable. That's why unstable is always sid - it's constantly changing and never frozen.

If you think Ubuntu has the latest and greatest packages, maybe you should try it once. Most of the packages are outdated and I don't rely on the package manager if I want the latest version anymore.

To be fair, Debian does do quite a bit more testing than Ubuntu. OTOH, Ubuntu does a lot more spit-and-polish integration than Debian and is unafraid to take controversial stances on things like binary drivers or distributing Firefox with Firefox branding (as opposed to Ice Weasel or whatever) or distributing some codecs that may be violating patents or using code from other distros (like system-config-printer).

Debian is more about stability and reliability, while Ubuntu is more about the end-user experience.

When you make a Linux distro, you have to make a few tradeoffs. The differences between Ubuntu and Debian are mostly about differences in decision-making regarding these tradeoffs.

Ubuntu tends to have the latest and greatest packages up front. For example, 8.04 was released with a Firefox 3.0 release candidate. The trick is that they don't upgrade packages arbitrarily--they'll upgrade or backport for security fixes, but not for the newest version. You'll have to wait for the next major release if you want that.

It's a nice compromise between bleeding-edge and stability. I'm sure that the process is only made more difficult by upstream developers mixing bugfixes with new features.

In Ubuntu, the trick I do is to use binary packages of the latest stable version and source packages from the upcoming (yet unreleased) version.
When something is missing you can download the source package of the new version, make the compile, generate a binary package and install it in an automated way.
An extra plus: during the process you can also patch the source.

No problem! I discovered it while browsing the repository. I guess that's one of those things you would find out about in the New Maintainer's Guide or the Policy Manual. I've never gotten around to reading them.

There's another apt-* package out there that will list known bugs as you install the packages (... packages will be installed, continue Y/N?... Known Bugs: continue Y/N?)

Debian used to release when they felt like the system was in a good enough state to release, with no set schedule. This is exactly why that's a good idea - now, they have to choose between being buggy or being behind schedule, whereas before they did not have to make that trade-off.

Meanwhile, in the 'unstable' tree, the changelogs aren't getting updated.

In 'aptitude', I pick through the packages with updates available and look at the changelogs to see what got changed to see if it's one I want to take. About a week ago, a bunch of updated packages showed up, but the corresponding changelogs seem to have gone AWOL (examples: there is no changelog for smbclient 2:3.2.3-3, or iceweasel 3.0.3-2).

I've seen this sort of thing before, but never understood why it was happening. Can anyo

If this is happening, first check the changelog for the affected package in/usr/share/doc. If it is out of date or missing, you need to file a severity minor [debian.org] (with the following rationale [debian.org]) against the packages missing the updated changelog. This is not a violation of Debian policy (which would warrant a severity of serious), but it's suggested by policy and trivial to add.

The above user does not want to install the packages unless they have a change he would interested in. Changelogs are only available in/usr/share/doc AFTER the package is installed. Although, I suppose he could manually download the.deb, unarchive it using ar, tar, and gz, and then see if it would have a changelog in/usr/share/doc that way.

I have noticed something similar as the above poster; it might have the same cause. I will sometimes browse packages.debian.org/sid/package-name, and then click on cha

The changelog presented in aptitude should be up to date as well. It's pulled from the package. He can likely file the same bug as before mentioning the fact that the changelog isn't showing up in aptitude (which could be an aptitude bug, after all), but having never done that, I'm not sure what the response would be.

Weird about the problem on p.d.o before. I've had problems recently with apt-listbugs not being able to connect to the bug tracking system to check the bugs before an install or upgrade on u

The changelog presented in aptitude should be up to date as well. It's pulled from the package.That seems unlikely to me since it would require the package manager to download the whole package to show the changelog.

changelog
Downloads and displays the Debian changelog for each of the given source or binary packages.
By default, the changelog for the version which would be installed with "aptitude install" is downloaded. You can select a particular version of a package by appending =version to the package name; you can select the version from a particular archive by appending/archive to the package name.

Stop seeking.0 releases. Debian 4.0 Etch users want Debian 4.1, not 5.0, because a.1 release can come out much more quickly and with less potential for bugs than a.0 release. What I would like to have is a 4.1 release, followed by a 4.2 and 4.3, and potentially a 4.4 release, which will all make small incremental improvements and risk-free popular package updates within short timeframes, and only then a 5.0 release with lots of new but more riskier package updates and maybe also architectural changes i

I am laughing very hard that RHEL tried to say there's no such thing as a '.0' or '.1' release, and it's all 'RHEL 4' or 'RHEL 5'. Take a look at the available media, though, and you'll see that they're really still doing what they did with the old RedHat 6 and RedHat 7:.0 is unstable,.1 has bugfixes,.2 is stable.

Red Hat marketing may not acknowledge point releases, but they do indeed exist [redhat.com]. And CentOS tracks 'em. That's why I know. (Too cheap for RHEL, too lazy for Fedora. I use Kubuntu for desktops, but the server has always been in the Red Hat lineage.)

Debian stable is a server distro. Every time there is an upgrade, a full regression test must be done to the server. This is expensive and time-consuming. The whole idea of Debian stable is that it is stable and doesn't change often. No one running stable wants the latest and greatest. We want stability and security fixes. That's it.

Clearly you already know about the testing and unstable releases, but did you know about backports and volitile? Volitile is great for things like anti-virus and anti-spam software that you really do want and need upgrades. Backports is a little different--it's basically upgrades for popular packages in stable, and you can pick and choose which ones you want.

Stable means stable, and backports and volitile are great tools to help you. If you want the latest and greatest, that's what the testing release is for.

"Debian 4.0 Etch users want Debian 4.1, not 5.0, because a.1 release can come out much more quickly and with less potential for bugs than a.0 release. What I would like to have is a 4.1 release, followed by a 4.2 and 4.3, and potentially a 4.4 release, which will all make small incremental improvements and risk-free popular package updates within short timeframes, and only then a 5.0 release with lots of new but more riskier package updates and maybe also architectural changes if any."

Please, Debian, give us a stable 4.1 now, a "mini-lenny" just to keep ourselves (for the server side at least, as I expect most of us to run lenny on the desktop) an the rest of our userbase and potential new users happy with updates popular packages.

I suspect it's too late for that. The Debian developers would have to dig up suitably
old versions (yet fresh enough!) of their packages from months back.

Also there is the domino effect: if foobar-11.0 is a package version which everyone wants,
and the foobar

Debian has no release date. It never had, and doesn't seem to have any plans on adopting release dates. Thus, Debian can't be "late", since being late implies on missing a release date, and Debian doesn't have that. Or, maybe I didn't repeat that enough, so let me tell you: Debian never made a compromisse on releasing any version on any exact day.

What Debian does have is a list of bugs. Everytime testing is frozen, it is created a list with the showstopper bugs, and release happens when that list becomes empty. The list can increase if more bugs are found, or decrease if bugs are solved or some functionality removed.

Debian also do have people betting when it'll be out. Those people give specific (or sometimes not very specific) dates, but that isn't a release date for the team, just a guesstimate.

While I don't dispute the claims you make, I would like to point out that

1. Debian does make announcements about prospective release dates. These aren't firm promises and shouldn't be interpreted as such, but it is disappointing when they miss those dates by months.

2. Releases aren't only made when the bug count drops to zero. First of all, there are bugs that aren't considered "release-critical". Secondly, sometimes (I think this happened with etch) releases are made with known issues and a promise to fix those issues Real Soon Now. Thirdly, the way the bug count is brought to zero usually includes simply throwing out packages that have known bugs. If many people want such a package, that isn't very helpful.

3. Bugs that would have been "release-critical" are often discovered after a release is made. The current stable release, etch, had more release-critical bugs pending against it than lenny (the upcoming stable release), last time I checked.

What all this means is that Debian will _not_ generalyl be released at any date that has been mentioned, and will _not_ generally be bug-free when released.

Having said all that, it's still my favorite operating system, as it takes less of my time to use and maintain than anything else I have tried (and that is quite a lot).

It looks like there aren't any floppy installation images [debian.org] for Lenny i386 . This is a real sore point for me since the Etch floppies wouldn't properly boot from a USB drive on my laptop and I had to fall back to Sarge to bootstrap a fresh installation. I was hoping they'd have this fixed but apparently they just decided to lazily drop support altogether.

It's really frustrating that Debian is letting floppy installation support slip. This is a big deal for those of us with old or unusual hardware that can't b

The problem is the kernel team aren't cooperating:(. They won't keep the -486 kernel slim enough and they won't sanction the creation of a seperate kernel flavor just for the floppy installer to use it.

With etch the kernel had grown to the point that they had to kick everything that wasn't absoloutly essential (including USB floppy support) from the boot floppy.

With lenny a couple of bad things happened. Firstly the UPX recompressor stopped working for current kernels. And then just as there was talk of fi

Actually, I think we would be glad if Microsoft was holding back a release because of critical bugs. Sure, there would be the occasional jackhole who said Microsoft sucks because they can't keep a release date. But, if they were being as open as Debian and admitting to fixing critical bugs (and presenting them for us to see), I'm sure there would be some insightful comments about the increased quality being worth the wait.

Some insightful comments, sure. But most would be giving them shit and making remarks about it being the next Vista and whatnot. But to paraphrase someone's sig, Slashdot has scattered insight in a sea of mediocrity - so that's really to be expected;)

Possibly, but I truly don't think Microsoft could ever do right around here. Short of releasing the OS under either the BSD license or the GPL, they will forever have a reputation as software bloaters, monopolists, and DRM-supporters. And such a reputation is not undeserved.

The truth is, I'm not sure they could ever make a stable release of Windows. Vista was horribly delayed, horribly buggy on release, and had dropped a fair number of planned features in order to prevent further delays. If they'd planned to quash most of the bugs before release, I wonder how long it would have taken to get it all done?

Debian has the benefit of a good reputation and of having free software. People aren't scared to run pre-release versions of Debian in production, and it's relatively simple to fix many bugs yourself while waiting for something official from Debian. This means that Debian gets more testers doing real work with their release candidates.

Compare this to Microsoft, who also publish beta and release candidates for free (though free-as-in-beer.) How many people ran Vista full-time before it was released? Heck, Microsoft can barely get people to run it full-time now that it's been out for a while!

Maybe they should create something people actually want to use, instead of have to use because of application compatibility and then people also would most likely rather use the older version because of the same reason (XP)

If we thought the delay would actually allow MS to release a product free of serious bugs, we'd be glad. If, however, they miss release dates and then release with major known issues still present, then we laugh.

``If this article was about Microsoft instead of Debian, you know the tone would be substantially different.''

Yes. And that's a bit hypocritic. On the other hand, there is an important difference between Microsoft and Debian: while both produce operating systems, Microsoft mostly deals with only things they develop themselves, and doesn't package all applications for a given release of their operating systems. Debian, on the other hand, deals mostly with software they don't develop, and still manage to pack

But then you have the difference that you're PAYING for Windows, while Debian is an open source project that you get can for free. The thing here is "Hey look, these people are waiting to give us something for free until they've ironed out the bugs". You can go grab Sid if you want - can you get Windows 7 for free already, with free updates?

Fire and brimstone coming down from the skies! Rivers and seas boiling!Forty years of darkness, earthquakes, and volcanos!The dead rising from the grave!Human sacrifices, debians and redhats living together! Mass hysteria!